CVE-2003-0007
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
07/02/2003
Last modified:
03/04/2025
Description
Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microsoft:outlook:2002:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:outlook:2002:sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:outlook:2002:sp2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/6667
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11133
- http://www.securityfocus.com/bid/6667
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11133